From e2ad7eac08fb83e0a7a88cb4b05baefa008bc98a Mon Sep 17 00:00:00 2001 From: Sattvik Chakravarthy Date: Mon, 30 Oct 2023 22:43:55 +0530 Subject: [PATCH] fix: add createdat to totp device --- .../java/io/supertokens/inmemorydb/Start.java | 2 +- .../inmemorydb/queries/TOTPQueries.java | 3 +- src/main/java/io/supertokens/totp/Totp.java | 5 +-- .../api/totp/ImportTotpDeviceAPI.java | 2 +- .../io/supertokens/test/StorageLayerTest.java | 2 +- .../test/totp/TOTPStorageTest.java | 36 +++++++++---------- .../totp/api/CreateTotpDeviceAPITest.java | 5 +-- .../totp/api/ImportTotpDeviceAPITest.java | 2 +- .../test/totp/api/MultitenantAPITest.java | 2 +- .../test/totp/api/TotpUserIdMappingTest.java | 4 +-- .../test/totp/api/VerifyTotpAPITest.java | 2 +- .../totp/api/VerifyTotpDeviceAPITest.java | 2 +- 12 files changed, 35 insertions(+), 32 deletions(-) diff --git a/src/main/java/io/supertokens/inmemorydb/Start.java b/src/main/java/io/supertokens/inmemorydb/Start.java index d344eb594..19fce809c 100644 --- a/src/main/java/io/supertokens/inmemorydb/Start.java +++ b/src/main/java/io/supertokens/inmemorydb/Start.java @@ -688,7 +688,7 @@ public void addInfoToNonAuthRecipesBasedOnUserId(TenantIdentifier tenantIdentifi } } else if (className.equals(TOTPStorage.class.getName())) { try { - TOTPDevice device = new TOTPDevice(userId, "testDevice", "secret", 0, 30, false); + TOTPDevice device = new TOTPDevice(userId, "testDevice", "secret", 0, 30, false, System.currentTimeMillis()); this.startTransaction(con -> { try { long now = System.currentTimeMillis(); diff --git a/src/main/java/io/supertokens/inmemorydb/queries/TOTPQueries.java b/src/main/java/io/supertokens/inmemorydb/queries/TOTPQueries.java index 727650b0c..9ff887a07 100644 --- a/src/main/java/io/supertokens/inmemorydb/queries/TOTPQueries.java +++ b/src/main/java/io/supertokens/inmemorydb/queries/TOTPQueries.java @@ -299,7 +299,8 @@ public TOTPDevice map(ResultSet result) throws SQLException { result.getString("secret_key"), result.getInt("period"), result.getInt("skew"), - result.getBoolean("verified")); + result.getBoolean("verified"), + result.getLong("created_at")); } } diff --git a/src/main/java/io/supertokens/totp/Totp.java b/src/main/java/io/supertokens/totp/Totp.java index c11369f88..320d8b513 100644 --- a/src/main/java/io/supertokens/totp/Totp.java +++ b/src/main/java/io/supertokens/totp/Totp.java @@ -118,7 +118,7 @@ public static TOTPDevice registerDevice(AppIdentifierWithStorage appIdentifierWi FeatureNotEnabledException, TenantOrAppNotFoundException, StorageTransactionLogicException { String secret = generateSecret(); - TOTPDevice device = new TOTPDevice(userId, deviceName, secret, period, skew, false); + TOTPDevice device = new TOTPDevice(userId, deviceName, secret, period, skew, false, System.currentTimeMillis()); TOTPSQLStorage totpStorage = appIdentifierWithStorage.getTOTPStorage(); if (deviceName != null) { @@ -137,7 +137,8 @@ public static TOTPDevice registerDevice(AppIdentifierWithStorage appIdentifierWi device.secretKey, device.period, device.skew, - device.verified + device.verified, + device.createdAt )); } catch (DeviceAlreadyExistsException e){ } diff --git a/src/main/java/io/supertokens/webserver/api/totp/ImportTotpDeviceAPI.java b/src/main/java/io/supertokens/webserver/api/totp/ImportTotpDeviceAPI.java index a7d9dd4b7..4e50687dd 100644 --- a/src/main/java/io/supertokens/webserver/api/totp/ImportTotpDeviceAPI.java +++ b/src/main/java/io/supertokens/webserver/api/totp/ImportTotpDeviceAPI.java @@ -89,7 +89,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I appIdentifierWithStorage = getAppIdentifierWithStorage(req); } - Totp.createDevice(super.main, appIdentifierWithStorage, new TOTPDevice(userId, deviceName, secretKey, period, skew, true)); + Totp.createDevice(super.main, appIdentifierWithStorage, new TOTPDevice(userId, deviceName, secretKey, period, skew, true, System.currentTimeMillis())); result.addProperty("status", "OK"); super.sendJsonResponse(200, result, resp); diff --git a/src/test/java/io/supertokens/test/StorageLayerTest.java b/src/test/java/io/supertokens/test/StorageLayerTest.java index a3b08c356..eb88558d8 100644 --- a/src/test/java/io/supertokens/test/StorageLayerTest.java +++ b/src/test/java/io/supertokens/test/StorageLayerTest.java @@ -85,7 +85,7 @@ public void totpCodeLengthTest() throws Exception { Start start = (Start) StorageLayer.getStorage(process.getProcess()); - TOTPDevice d1 = new TOTPDevice("user", "d1", "secret", 30, 1, false); + TOTPDevice d1 = new TOTPDevice("user", "d1", "secret", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), d1); // Try code with length > 8 diff --git a/src/test/java/io/supertokens/test/totp/TOTPStorageTest.java b/src/test/java/io/supertokens/test/totp/TOTPStorageTest.java index 38297710a..8bb8f0936 100644 --- a/src/test/java/io/supertokens/test/totp/TOTPStorageTest.java +++ b/src/test/java/io/supertokens/test/totp/TOTPStorageTest.java @@ -123,9 +123,9 @@ public void createDeviceTests() throws Exception { } TOTPSQLStorage storage = result.storage; - TOTPDevice device1 = new TOTPDevice("user", "d1", "secret", 30, 1, false); - TOTPDevice device2 = new TOTPDevice("user", "d2", "secret", 30, 1, true); - TOTPDevice device2Duplicate = new TOTPDevice("user", "d2", "new-secret", 30, 1, false); + TOTPDevice device1 = new TOTPDevice("user", "d1", "secret", 30, 1, false, System.currentTimeMillis()); + TOTPDevice device2 = new TOTPDevice("user", "d2", "secret", 30, 1, true, System.currentTimeMillis()); + TOTPDevice device2Duplicate = new TOTPDevice("user", "d2", "new-secret", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device1); @@ -155,7 +155,7 @@ public void verifyDeviceTests() throws Exception { } TOTPSQLStorage storage = result.storage; - TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false); + TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device); TOTPDevice[] storedDevices = storage.getDevices(new AppIdentifier(null, null), "user"); @@ -195,8 +195,8 @@ public void getDevicesCount_TransactionTests() throws Exception { }); assert devicesCount == 0; - TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false); - TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false); + TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false, System.currentTimeMillis()); + TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device1); storage.createDevice(new AppIdentifier(null, null), device2); @@ -225,8 +225,8 @@ public void removeUser_TransactionTests() throws Exception { return null; }); - TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false); - TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false); + TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false, System.currentTimeMillis()); + TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device1); storage.createDevice(new AppIdentifier(null, null), device2); @@ -266,8 +266,8 @@ public void deleteDevice_TransactionTests() throws Exception { } TOTPSQLStorage storage = result.storage; - TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false); - TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false); + TOTPDevice device1 = new TOTPDevice("user", "device1", "sk1", 30, 1, false, System.currentTimeMillis()); + TOTPDevice device2 = new TOTPDevice("user", "device2", "sk2", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device1); storage.createDevice(new AppIdentifier(null, null), device2); @@ -314,7 +314,7 @@ public void updateDeviceNameTests() throws Exception { } TOTPSQLStorage storage = result.storage; - TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false); + TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device); TOTPDevice[] storedDevices = storage.getDevices(new AppIdentifier(null, null), "user"); @@ -335,7 +335,7 @@ public void updateDeviceNameTests() throws Exception { // Try to create a new device and rename it to the same name as an existing // device: - TOTPDevice newDevice = new TOTPDevice("user", "new-device", "secretKey", 30, 1, false); + TOTPDevice newDevice = new TOTPDevice("user", "new-device", "secretKey", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), newDevice); assertThrows(DeviceAlreadyExistsException.class, @@ -354,8 +354,8 @@ public void getDevicesTest() throws Exception { } TOTPSQLStorage storage = result.storage; - TOTPDevice device1 = new TOTPDevice("user", "d1", "secretKey", 30, 1, false); - TOTPDevice device2 = new TOTPDevice("user", "d2", "secretKey", 30, 1, false); + TOTPDevice device1 = new TOTPDevice("user", "d1", "secretKey", 30, 1, false, System.currentTimeMillis()); + TOTPDevice device2 = new TOTPDevice("user", "d2", "secretKey", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), device1); storage.createDevice(new AppIdentifier(null, null), device2); @@ -382,7 +382,7 @@ public void insertUsedCodeTest() throws Exception { // Insert a long lasting valid code and check that it's returned when queried: { - TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false); + TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false, System.currentTimeMillis()); TOTPUsedCode code = new TOTPUsedCode("user", "1234", true, nextDay, now); storage.createDevice(new AppIdentifier(null, null), device); @@ -413,7 +413,7 @@ public void insertUsedCodeTest() throws Exception { // Try to insert code after user has atleast one device (i.e. TOTP enabled) { - TOTPDevice newDevice = new TOTPDevice("user", "new-device", "secretKey", 30, 1, false); + TOTPDevice newDevice = new TOTPDevice("user", "new-device", "secretKey", 30, 1, false, System.currentTimeMillis()); storage.createDevice(new AppIdentifier(null, null), newDevice); insertUsedCodesUtil( storage, @@ -447,7 +447,7 @@ public void getAllUsedCodesTest() throws Exception { long nextDay = now + 1000 * 60 * 60 * 24; // 1 day from now long prevDay = now - 1000 * 60 * 60 * 24; // 1 day ago - TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false); + TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false, System.currentTimeMillis()); TOTPUsedCode validCode1 = new TOTPUsedCode("user", "valid1", true, nextDay, now + 1); TOTPUsedCode invalidCode = new TOTPUsedCode("user", "invalid", false, nextDay, now + 2); TOTPUsedCode expiredCode = new TOTPUsedCode("user", "expired", true, prevDay, now + 3); @@ -493,7 +493,7 @@ public void removeExpiredCodesTest() throws Exception { long nextDay = System.currentTimeMillis() + 1000 * 60 * 60 * 24; // 1 day from now long hundredMs = System.currentTimeMillis() + 100; // 100ms from now - TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false); + TOTPDevice device = new TOTPDevice("user", "device", "secretKey", 30, 1, false, System.currentTimeMillis()); TOTPUsedCode validCodeToLive = new TOTPUsedCode("user", "valid", true, nextDay, now); TOTPUsedCode invalidCodeToLive = new TOTPUsedCode("user", "invalid", false, nextDay, now + 1); TOTPUsedCode validCodeToExpire = new TOTPUsedCode("user", "valid", true, hundredMs, now + 2); diff --git a/src/test/java/io/supertokens/test/totp/api/CreateTotpDeviceAPITest.java b/src/test/java/io/supertokens/test/totp/api/CreateTotpDeviceAPITest.java index 17e6fe29e..99d6ecbdb 100644 --- a/src/test/java/io/supertokens/test/totp/api/CreateTotpDeviceAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/CreateTotpDeviceAPITest.java @@ -217,8 +217,9 @@ public void testApi() throws Exception { attempt2Secret, 30, 0, - false - ); + false, + System.currentTimeMillis() + ); JsonObject verifyDeviceBody = new JsonObject(); verifyDeviceBody.addProperty("userId", device.userId); verifyDeviceBody.addProperty("deviceName", device.deviceName); diff --git a/src/test/java/io/supertokens/test/totp/api/ImportTotpDeviceAPITest.java b/src/test/java/io/supertokens/test/totp/api/ImportTotpDeviceAPITest.java index b713ac08e..ebf08914e 100644 --- a/src/test/java/io/supertokens/test/totp/api/ImportTotpDeviceAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/ImportTotpDeviceAPITest.java @@ -166,7 +166,7 @@ public void testApi() throws Exception { } // Verify totp on the imported device - TOTPDevice device = new TOTPDevice("user-id", "d1", secret, 30, 0, false); + TOTPDevice device = new TOTPDevice("user-id", "d1", secret, 30, 0, false, System.currentTimeMillis()); JsonObject verifyDeviceReq = new JsonObject(); verifyDeviceReq.addProperty("userId", device.userId); diff --git a/src/test/java/io/supertokens/test/totp/api/MultitenantAPITest.java b/src/test/java/io/supertokens/test/totp/api/MultitenantAPITest.java index 42473700e..f537befa6 100644 --- a/src/test/java/io/supertokens/test/totp/api/MultitenantAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/MultitenantAPITest.java @@ -276,7 +276,7 @@ public void testSameCodeUsedOnDifferentTenantsIsAllowed() throws Exception { for (TenantIdentifier tenant1 : tenants) { JsonObject deviceResponse = createDevice(tenant1, "user" + userCount); String secretKey = deviceResponse.get("secret").getAsString(); - TOTPDevice device = new TOTPDevice("user" + userCount, "d1", secretKey, 2, 1, true); + TOTPDevice device = new TOTPDevice("user" + userCount, "d1", secretKey, 2, 1, true, System.currentTimeMillis()); String validTotp = TOTPRecipeTest.generateTotpCode(process.getProcess(), device); verifyDevice(tenant1, "user" + userCount, validTotp); diff --git a/src/test/java/io/supertokens/test/totp/api/TotpUserIdMappingTest.java b/src/test/java/io/supertokens/test/totp/api/TotpUserIdMappingTest.java index f3b0d0ad6..f9e9b6dae 100644 --- a/src/test/java/io/supertokens/test/totp/api/TotpUserIdMappingTest.java +++ b/src/test/java/io/supertokens/test/totp/api/TotpUserIdMappingTest.java @@ -77,7 +77,7 @@ public void testExternalUserIdTranslation() throws Exception { "totp"); assert res1.get("status").getAsString().equals("OK"); String d1Secret = res1.get("secret").getAsString(); - TOTPDevice device1 = new TOTPDevice(externalUserId, "deviceName", d1Secret, 30, 1, false); + TOTPDevice device1 = new TOTPDevice(externalUserId, "deviceName", d1Secret, 30, 1, false, System.currentTimeMillis()); body.addProperty("deviceName", "d2"); @@ -93,7 +93,7 @@ public void testExternalUserIdTranslation() throws Exception { "totp"); assert res2.get("status").getAsString().equals("OK"); String d2Secret = res2.get("secret").getAsString(); - TOTPDevice device2 = new TOTPDevice(externalUserId, "d2", d2Secret, 30, 1, false); + TOTPDevice device2 = new TOTPDevice(externalUserId, "deviceName", d2Secret, 30, 1, false, System.currentTimeMillis()); // Verify d1 but not d2: JsonObject verifyD1Input = new JsonObject(); diff --git a/src/test/java/io/supertokens/test/totp/api/VerifyTotpAPITest.java b/src/test/java/io/supertokens/test/totp/api/VerifyTotpAPITest.java index a17eee38b..ffc556d24 100644 --- a/src/test/java/io/supertokens/test/totp/api/VerifyTotpAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/VerifyTotpAPITest.java @@ -110,7 +110,7 @@ public void testApi() throws Exception { assertEquals(createDeviceRes.get("status").getAsString(), "OK"); String secretKey = createDeviceRes.get("secret").getAsString(); - TOTPDevice device = new TOTPDevice("user-id", "deviceName", secretKey, 2, 0, false); + TOTPDevice device = new TOTPDevice("user-id", "deviceName", secretKey, 2, 0, false, System.currentTimeMillis()); JsonObject verifyDeviceReq = new JsonObject(); verifyDeviceReq.addProperty("userId", device.userId); diff --git a/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java b/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java index b29f187fe..82c18b883 100644 --- a/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java @@ -106,7 +106,7 @@ public void testApi() throws Exception { assertEquals(createDeviceRes.get("status").getAsString(), "OK"); String secretKey = createDeviceRes.get("secret").getAsString(); - TOTPDevice device = new TOTPDevice("user-id", "deviceName", secretKey, 30, 0, false); + TOTPDevice device = new TOTPDevice("user-id", "deviceName", secretKey, 30, 0, false, System.currentTimeMillis()); // Start the actual tests for update device API: